1. Field of the Invention
The present invention generally relates to Personal Identification Number (PIN) creation and more particularly to automatic creation of PINs.
2. Related Art
PINs or Personal Identification Numbers are used to identify or authenticate a user, such as at an ATM machine, to access account information, such as through a smart phone, a computer or PC, or through a telephone. PINs are typically preferred by the user for use on phones or other devices having numerical keypads. One reason is that PINs are shorter, and therefore faster to enter. Another is that PINs typically have fewer characters (i.e., only 0-9), which means that these keys can be made larger, and therefore easier for the user to enter on a device. Further yet, PINs, which do not require a full QWERTY keyboard, are suitable for smaller numeric keypads.
However, PINs are typically less secure than passwords because each digit of a PIN only has 10 possibilities (0-9), while each digit of a password can have 52 possibilities (letters A-Z, both upper and lower case) or more if other characters such as numbers and symbols are also available. Furthermore, PINs are less secure because they typically exhibit stronger patterns for ease of memory by the user, e.g., it has been reported that one in five users choose their PIN as a date. Since there are only 365 days in a year, this clearly does not take advantage of the full potential of all the 10000 combinations afforded by having four digit PINs.
There are many other reasons why PINs have slight drawbacks, such as being harder to remember (unless the user chooses an easily remembered pattern, such as a date).
A further disadvantage of PINs is that users may be required to create or generate a new PIN for access through a mobile device or device with a numerical keypad, even though the user already has a password for access through the user's PC, laptop, or home/work computer. This results in a more difficult on-boarding process for the user, which may lead to the user reducing or even eliminating use on affected mobile applications. Even if a user decides to create a PIN, the user may need to first enter a password through the mobile device, thereby exposing the password to possible fraudsters. This can be problematic, as mobile environments tend to be less secure than non-mobile environments.
Therefore, there is a need for a PIN generation that overcomes the disadvantages of conventional methods discussed above.